lor*_*max 6 java api-key google-cloud-platform google-cloud-endpoints-v2
我有一个配置了 Cloud Endpoints Framework 的 java 8 项目。
我遵循了这里的文档:https : //cloud.google.com/endpoints/docs/frameworks/java/get-started-frameworks-java
我尝试使用 API 密钥保护 API。我遵循了这里的文档:https : //cloud.google.com/endpoints/docs/frameworks/java/restricting-api-access-with-api-keys-frameworks
问题是我总是可以访问端点,无论我是否设置了 API 密钥。
这是API:
@Api(
name = "myApi",
title = "My API",
version = "v1",
description = "My API description",
apiKeyRequired = AnnotationBoolean.TRUE
)
public class MyApiEndpoint {
@ApiMethod(httpMethod = GET, path = "list", apiKeyRequired = AnnotationBoolean.TRUE)
public ApiEntityList list() throws Exception {
return new ApiEntityList();
}
}
这是 web.xml:
<?xml version="1.0" encoding="utf-8"?>
<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee
http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd" version="3.1">
<filter>
<filter-name>endpoints-api-controller</filter-name>
<filter-class>com.google.api.control.extensions.appengine.GoogleAppEngineControlFilter</filter-class>
<init-param>
<param-name>endpoints.projectId</param-name>
<param-value>${app.deploy.project}</param-value>
</init-param>
<init-param>
<param-name>endpoints.serviceName</param-name>
<param-value>${app.deploy.project}.appspot.com</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>endpoints-api-controller</filter-name>
<servlet-name>EndpointsServlet</servlet-name>
</filter-mapping>
<filter>
<filter-name>endpoints-api-configuration</filter-name>
<filter-class>com.google.api.control.ServiceManagementConfigFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>endpoints-api-configuration</filter-name>
<servlet-name>EndpointsServlet</servlet-name>
</filter-mapping>
<servlet>
<servlet-name>EndpointsServlet</servlet-name>
<servlet-class>com.google.api.server.spi.EndpointsServlet</servlet-class>
<init-param>
<param-name>services</param-name>
<param-value>com.myproject.MyApiEndpoint</param-value>
</init-param>
</servlet>
<servlet-mapping>
<servlet-name>EndpointsServlet</servlet-name>
<url-pattern>/_ah/api/*</url-pattern>
</servlet-mapping>
appengine-web.xml:
<?xml version="1.0" encoding="utf-8"?>
<appengine-web-app xmlns="http://appengine.google.com/ns/1.0">
<runtime>java8</runtime>
<threadsafe>true</threadsafe>
<service>core</service>
<url-stream-handler>urlfetch</url-stream-handler>
<system-properties>
<property name="java.util.logging.config.file" value="WEB-INF/logging.properties"/>
</system-properties>
<env-variables>
<env-var name="ENDPOINTS_SERVICE_NAME" value="${app.deploy.project}.appspot.com" />
</env-variables>
</appengine-web-app>
我在 Google Cloud Platform 项目中创建了 API Key 作为新凭证,没有任何限制。
我可以在 GCP 上部署的 openapi.json 文件中看到以下几行:
"/myApi/v1/list": {
"get": {
"operationId": "MyApiList",
"parameters": [ ],
"responses": {
"200": {
"description": "A successful response",
"schema": {
"$ref": "#/definitions/ApiEntityList"
}
}
},
"security": [
{
"api_key": [ ]
}
]
}
},
"securityDefinitions": {
"api_key": {
"type": "apiKey",
"name": "key",
"in": "query"
}
},
下面的所有电话都没有被拒绝,但我希望它们是:
看起来apiKeyRequiredannotation 参数没有任何作用。
我在这里想念什么吗?
我只是在测试它,并通过在openapi.json文件中添加除 api 注释之外的顶级安全指令来使其工作。它应该看起来像这样:
{
"swagger": "2.0",
"info": {
"version": "1.0.0",
"title": "<PROJECT_ID>.appspot.com"
},
"host": "<PROJECT_ID>.appspot.com",
"basePath": "/_ah/api",
"schemes": [
"https"
],
"security": [
{
"api_key": [ ]
}
],
之后我再次运行部署$ gcloud endpoints services deploy target/openapi-docs/openapi.json并$ mvn appengine:deploy